Author: Danielle Citron

According to the New York TImes, the British government is considering setting up a database of all phone, email, and Internet traffic in the country to assist in efforts to fight terrorism and crime. Officials suggested that a database could store all phone numbers dailed, web sites visited, and email addresses contacted by everyone in Britain without storing the content of the phone calls or email messages.

To be sure, such a database would raise serious privacy concerns. But it also provokes a first-order question of whether such databases are even useful in spotting terrorists. The answer to that question appears to be “no.” Recent reports suggest that “data mining is not the silver bullet that that architects of programs such as Total Information Awareness believe them to be.” The National Research Council recently produced a 376-report on data mining, counter-terrorism, and American democracy, which explains that “[a]utomated identification of terrorists through data mining (or any other known methodology) is neither feasible as an objective nor desirable as a goal of technology development efforts.” Although data mining has remarkable success in predicting consumer behavior for advertising and credit card reporting agencies, it has much less success predicting the behavior of terrorists. As ars technica reporter Jon Stokes explains, unlike a computer program’s ability to compare a consumer’s credit history with the history of millions of consumers to predict a person’s likelihood of delinquency, no large dataset of terrorist behavior exists that “can be used to train a data mining application to predict an individual’s intention to commit an act of terror with any degree of confidence.” The NRC report also explains that not only is the training data lacking but the data that the program would be mining has been purposefully corrupted by the terrorists themselves. Terrorists disguise their activities using operational security measures such as code words and encryption, rendering the data that would be mined suspect. In much the same way that credit scores would be worthless if borrowers could manipulate their credit history, data mining for terrorist activities may be a non-starter as terrorists no doubt manipulate the data trails that they leave as they make phone calls and surf the Internet.